OpenStack Cloud Security+code

Кеш страницы книги с сайта:

If you are an OpenStack administrator or developer, or wish to build solutions to protect your OpenStack environment, then this book is for you.

Experience of Linux administration and familiarity with different OpenStack components is assumed.

About This Book

Design, implement, and deliver a safe and sound OpenStack cluster using best practices

Create a production-ready environment and protect your data on the cloud

A step-by-step tutorial packed with real-world solutions that helps you learn easily and quickly

Who This Book Is For

If you are an OpenStack administrator or developer, or wish to build solutions to protect your OpenStack environment, then this book is for you. Experience of Linux administration and familiarity with different OpenStack components is assumed.

Table of Contents

1: First Things First – Creating a Safe Environment

2: OpenStack Security Challenges

3: Securing OpenStack Networking

4: Securing OpenStack Communications and Its API

5: Securing the OpenStack Identification and Authentication System and Its Dashboard

Explore automated attacks with the help of mass phishing, brute force, and automated exploitation tools

Secure your OpenStack installation from a networking perspective at both low and high levels

Get to know how to secure your OpenStack to use only encrypted communications for APIs

Configure secure communications on the OpenStack API

Harden OpenStack Keystone and Horizon for a more secure environment

Protect the Swift replication mechanism through network hardening

In Detail

OpenStack is a system that controls large pools of computing, storage, and networking resources, allowing its users to provision resources through a user-friendly interface. OpenStack helps developers with features such as rolling upgrades, federated identity, and software reliability.

You will begin with basic security policies, such as MAC, MLS, and MCS, and explore the structure of OpenStack and virtual networks with Neutron. Next, you will configure secure communications on the OpenStack API with HTTP connections. You will also learn how to set OpenStack Keystone and OpenStack Horizon and gain a deeper understanding of the similarities/differences between OpenStack Cinder and OpenStack Swift.

By the end of this book, you will be able to tweak your hypervisor to make it safer and a smart choice based on your needs.

Authors

Fabio Alessandro Locati

Fabio Alessandro Locati is an Italian IT external consultant. His main areas of expertise are Linux, networking, security, data centers, and OpenStack. With more than 10 years of working experience in this field, he has experienced different IT roles, technologies, and languages. Fabio has worked for many different companies, starting from a one-man company to huge companies such as Tech Data and Samsung. This has allowed him to consider various technologies from different points of view, helping him develop critical thinking and understand whether a particular technology is the correct one in a very short span of time.

Since he is always looking for better technologies, he also tries new technologies to see their advantages over the old ones. Two of the most important things Fabio evaluates in a technology are its internal security and the possibility of additional security through configuration or interaction with the other technologies. For virtualization, he often uses OpenStack due to its power and simplicity, ever since he first tried it in 2011. Fabio has used OpenStack for the public-facing cloud, as well as the internal clouds.